.svg)
Zepp Health attaches great importance to security issues and welcomes all security researchers to report potential security vulnerabilities to us to improve the security of our smartwatches and IoT devices(software hardware firmware).
Monitor and and assign received vulnerabilities in a timely manner
Verify the vulnerability and confirm the exploitability and impact
Provide effective fix solutions or risk remediations measures
Investigate and confirm the complete scope of affected products
Review and publish the security advisory for the security vulnerability
Mailbox
You can report discovered security vulnerabilities to sec@zepp.com. Your report should include the following information:
The email you report contains at least the following information
· Your organization and contact information
· Products and versions affected
· Description of the potential vulnerability
· Information about known exploits
· Disclosure plans- Additional information, if any
Attention
Although zepp health encourage investigation of potential security breaches, zepp health cannot tolerate any activity that may interfere with legitimate users or may violate applicable computer abuse, cyber security and data protection regulations. Therefore, the following activities are prohibited:- Modification or destruction of data- Service disruption or degradation, such as DoS- Disclosure of personal, proprietary or financial information
Response Time
Zepp health will respond within 48 hours to the vulnerabilities you submit.* Note: Actual vulnerability response time may vary depending on the risk level and complexity of the vulnerability.
